Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/a35bc9-72e6-4979-b462-bb4a8672cc0c/1/axv3YGrVKdntRV1ckEMIaNGw1_k.roa
File: axv3YGrVKdntRV1ckEMIaNGw1_k.roa (raw, json)
Hash identifier: acL3OYGsPXlnMpk1LnULJYs0pvC6KSolLjbxtBXmAsk=
Subject key identifier: 6B:1B:F7:60:6A:D5:29:D9:ED:45:5D:5C:90:43:08:68:D1:B0:D7:F9
Certificate issuer: /CN=325a8b688deadbb91efbe0772308bac9f304a533
Certificate serial: 01856C0115734119A53CFAA56F1C1D171FAF
Authority key identifier: 32:5A:8B:68:8D:EA:DB:B9:1E:FB:E0:77:23:08:BA:C9:F3:04:A5:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MlqLaI3q27ke--B3Iwi6yfMEpTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/a35bc9-72e6-4979-b462-bb4a8672cc0c/1/axv3YGrVKdntRV1ckEMIaNGw1_k.roa
Signing time: Sun 01 Jan 2023 06:24:48 +0000
ROA not before: Sun 01 Jan 2023 06:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213158
IP address blocks: 91.205.231.0/24 maxlen: 24
2a0b:6640::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:31:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:01:15:73:41:19:a5:3c:fa:a5:6f:1c:1d:17:1f:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=325a8b688deadbb91efbe0772308bac9f304a533
Validity
Not Before: Jan 1 06:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b1bf7606ad529d9ed455d5c90430868d1b0d7f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a3:ef:43:0a:96:7f:4b:52:18:01:35:57:eb:
f5:e3:59:07:d1:28:ad:89:6e:9f:04:7d:34:ab:69:
f3:3e:79:bc:bb:ed:eb:bf:ac:56:db:d3:c8:0f:8c:
9f:45:de:fa:07:ce:a6:90:72:9e:73:5b:a2:28:2e:
52:b7:4b:ea:87:af:0d:e0:40:fb:05:5b:3e:8b:00:
d1:29:91:1b:85:56:20:90:a5:f2:2f:fb:c3:60:3a:
43:2b:a3:83:60:75:42:aa:96:b2:ba:57:1e:b4:38:
59:43:68:6d:92:46:0f:ea:5a:0b:70:dd:54:06:8c:
d9:3c:9c:52:6e:02:d2:02:2b:0d:5a:38:22:26:7f:
ae:bf:45:13:f6:7e:35:bc:64:c3:26:8c:7b:90:a5:
3d:72:c5:5f:a9:94:b0:e1:58:77:7f:5b:48:8b:be:
f4:7b:57:8c:b7:fa:5d:76:55:4b:37:c9:2d:16:4e:
ed:ed:f9:8e:f6:a0:a3:1f:a1:1b:bd:c2:f4:df:2a:
02:1f:71:8c:7b:e9:1b:44:b1:9c:0a:a0:95:e3:76:
79:50:b8:3d:6a:d5:88:a1:43:12:5b:ce:e3:ff:3d:
78:bf:37:c6:63:ec:19:d4:87:55:d3:b7:2c:5e:17:
e1:ad:db:74:1a:75:86:2c:dc:b2:73:53:f2:97:3c:
02:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:1B:F7:60:6A:D5:29:D9:ED:45:5D:5C:90:43:08:68:D1:B0:D7:F9
X509v3 Authority Key Identifier:
keyid:32:5A:8B:68:8D:EA:DB:B9:1E:FB:E0:77:23:08:BA:C9:F3:04:A5:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MlqLaI3q27ke--B3Iwi6yfMEpTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/a35bc9-72e6-4979-b462-bb4a8672cc0c/1/axv3YGrVKdntRV1ckEMIaNGw1_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/a35bc9-72e6-4979-b462-bb4a8672cc0c/1/MlqLaI3q27ke--B3Iwi6yfMEpTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.231.0/24
IPv6:
2a0b:6640::/29
Signature Algorithm: sha256WithRSAEncryption
49:0f:2c:cb:ab:38:cd:cd:51:f7:51:15:06:f3:be:a3:6b:25:
7b:22:c4:58:30:18:2e:11:c4:c8:94:b2:08:23:f2:6b:fa:8f:
c0:1a:77:5d:06:53:d7:54:be:f3:13:dc:c7:cc:64:92:aa:f2:
94:5b:21:2c:67:25:6b:1e:bc:69:57:8d:b9:42:a6:90:79:b9:
e6:a3:15:67:28:7b:3a:6b:3f:29:57:37:50:86:6f:67:23:83:
84:89:83:a3:5e:56:28:b9:8f:0c:28:31:7e:3e:39:3a:b9:6f:
e9:90:fc:f0:22:52:08:48:b2:e1:d6:46:ba:e3:d2:e3:ec:b0:
9d:88:83:fd:68:4a:36:ad:90:3f:0c:4f:17:32:f9:56:92:77:
e5:00:67:74:8c:67:87:8c:49:66:ba:1f:4a:c7:86:40:12:10:
5a:74:d2:44:bf:a3:92:d6:7e:99:00:4d:b9:2b:aa:6f:04:80:
af:e3:ae:37:02:7b:07:c2:1d:7a:22:ec:5b:18:90:fe:e4:99:
fb:2c:50:40:1a:15:bf:66:85:52:6b:73:88:77:3d:91:f8:83:
90:07:82:5e:ac:a8:9a:20:46:8e:60:35:89:bc:a7:0b:c1:49:
09:66:d9:80:8e:eb:00:c9:85:ec:1f:20:0d:b0:0e:ba:43:3f:
3f:0f:85:db
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsARVzQRmlPPqlbxwdFx+vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNWE4YjY4OGRlYWRiYjkxZWZiZTA3NzIzMDhiYWM5ZjMw
NGE1MzMwHhcNMjMwMTAxMDYyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjFiZjc2MDZhZDUyOWQ5ZWQ0NTVkNWM5MDQzMDg2OGQxYjBkN2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqPvQwqWf0tSGAE1V+v141kH0Sit
iW6fBH00q2nzPnm8u+3rv6xW29PID4yfRd76B86mkHKec1uiKC5St0vqh68N4ED7
BVs+iwDRKZEbhVYgkKXyL/vDYDpDK6ODYHVCqpayulcetDhZQ2htkkYP6loLcN1U
BozZPJxSbgLSAisNWjgiJn+uv0UT9n41vGTDJox7kKU9csVfqZSw4Vh3f1tIi770
e1eMt/pddlVLN8ktFk7t7fmO9qCjH6EbvcL03yoCH3GMe+kbRLGcCqCV43Z5ULg9
atWIoUMSW87j/z14vzfGY+wZ1IdV07csXhfhrdt0GnWGLNyyc1PylzwCZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGsb92Bq1SnZ7UVdXJBDCGjRsNf5MB8GA1UdIwQY
MBaAFDJai2iN6tu5HvvgdyMIusnzBKUzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWxxTGFJM3EyN2tlLS1CM0l3aTZ5Zk1FcFRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9hMzViYzktNzJlNi00OTc5LWI0NjIt
YmI0YTg2NzJjYzBjLzEvYXh2M1lHclZLZG50UlYxY2tFTUlhTkd3MV9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9hMzViYzktNzJlNi00OTc5LWI0NjItYmI0YTg2NzJjYzBj
LzEvTWxxTGFJM3EyN2tlLS1CM0l3aTZ5Zk1FcFRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW83nMA0E
AgACMAcDBQMqC2ZAMA0GCSqGSIb3DQEBCwUAA4IBAQBJDyzLqzjNzVH3URUG876j
ayV7IsRYMBguEcTIlLIII/Jr+o/AGnddBlPXVL7zE9zHzGSSqvKUWyEsZyVrHrxp
V425QqaQebnmoxVnKHs6az8pVzdQhm9nI4OEiYOjXlYouY8MKDF+Pjk6uW/pkPzw
IlIISLLh1ka649Lj7LCdiIP9aEo2rZA/DE8XMvlWknflAGd0jGeHjElmuh9Kx4ZA
EhBadNJEv6OS1n6ZAE25K6pvBICv4643AnsHwh16IuxbGJD+5Jn7LFBAGhW/ZoVS
a3OIdz2R+IOQB4JerKiaIEaOYDWJvKcLwUkJZtmAjusAyYXsHyANsA66Qz8/D4Xb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:23 2024 by rpki-client on console-fra.rpki-client.org